<?php

/* $bdd = "";
 // PDO DB
 try{
 $bdd = new PDO('pgsql:dbname=lawresolution;host=localhost;user=postgres;password=azerty');
 }catch(PDOException $e){
 echo "erreur<br>".$e->getMessage();
 } */

function connexiondb() {// Connexion a la BD en PDO
	$pdo_options[PDO::ATTR_ERRMODE] = PDO::ERRMODE_EXCEPTION;
	// TEST
	// $bdd = new PDO('pgsql:dbname=lawresolution;host=localhost;user=postgres;password=azerty');
	// PROD
	try {
		$bdd = mysql_connect("mysql51-120.perso", "lawresoltab", "lejeune1");
		if (!$bdd) {
			die('impossible de se connecter ' . mysql_error());
		}
		$db = mysql_select_db("lawresoltab", $bdd);
		if (!$db) {
			die('Impossible de sélectionner la base de données : ' . mysql_error());
		}
	} catch (Exception $e) {
		die('Erreur : ' . $e -> getMessage());
	}
}

function login($email, $passwd) {
	// Hachage du mdp passé en param pour
	// $passwd_hache = md5($passwd)
	connexiondb();
	$req = sprintf("SELECT nom, prenom FROM Users WHERE email = '%s' AND passwd = '%s'", mysql_real_escape_string($email), mysql_real_escape_string($passwd));
	$resultat = mysql_query($req);
	if ($resultat) {
		$row = mysql_fetch_assoc($resultat);
		$_SESSION['email'] = $email;
		$_SESSION['nom'] = $row['nom'];
		$_SESSION['prenom'] = $row['prenom'];
		return true;
	}
	die('login fail' . mysql_error());
	return false;
}

function logout() {
	session_destroy();
}

function checkIfAdmin($email) {
	connexiondb();
	$query = sprintf("SELECT type FROM Users WHERE email = '%s'", mysql_real_escape_string($email));
	$resultat = mysql_query($query);
	if ($resultat) {
		$row = mysql_fetch_assoc($resultat);
		if ($row['type'] == 1) {
			return true;
		}
	}
	return false;
}

function enregistrerUtilisateur($email, $type, $nom, $prenom, $telephone) {
	//Verif donnee
	// generer le passwd
	connexiondb();
	$passwd = 1;
	$req = sprintf('INSERT INTO Users(email, type, nom, prenom, telephone) VALUES(%s, %s, %s, %s, %s)', mysql_real_escape_string($email), mysql_real_escape_string($type), mysql_real_escape_string($nom), mysql_real_escape_string($prenom), mysql_real_escape_string($telephone));
	mysql_query($req);
	// Envoi mail
}

function supprimerUtilisateur($email) {
	connexiondb();
	$req = sprintf('DELETE FROM users WHERE email = %s', mysql_real_escape_string($email));
	mysql_query($req);
}

function modifierPasswd($passwd) {
	$bdd = connexiondb();
	$req = $bdd -> prepare('INSERT INTO lawresolution.utilisateurs(email, type, nom, prenom, telephone) VALUES(:email, :type, :nom, :prenom, :telephone)');
	$req -> execute(array('passwd' => $passwd));
}

function getUtilisateur($email) {
	// TODO
	connexiondb();
	$req = sprintf('SELECT id, nom, prenom, type, telephone FROM Users WHERE email = %s', mysql_real_escape_string($email));
	$result = mysql_query($req);

	$retour = array();
	while ($resultat = mysql_fetch_assoc($result)) {
		$retour[] = $resultat;
	}
	return $retour;

}

function getUtilisateurs() {

	connexiondb();
	$req = sprintf('SELECT id, nom, prenom, type, email, telephone FROM Users WHERE email != %s ORDER BY nom ASC, prenom ASC',mysql_real_escape_string($_SESSION['email']));
	$result = mysql_query($req);
	
	$resultat = array();
	$i = 0;

	if ($donnees = mysql_fetch_assoc($result)) {
		do {
			$resultat[$i] = array();
			$resultat[$i]['id'] = $donnees['id'];
			$resultat[$i]['nom'] = $donnees['nom'];
			$resultat[$i]['prenom'] = $donnees['prenom'];
			$resultat[$i]['email'] = $donnees['email'];
			$resultat[$i]['telephone'] = $donnees['telephone'];
			$i++;
		} while ($donnees = mysql_fetch_assoc($result));
		return $resultat;
	}
	return $resultat = false;

}

function getAffaires() {
	connexiondb();	
}

function getAffaire($id) {
	connexiondb();
}

function getFichiersParAffaire($idAffaire) {
	connexiondb();
}

?>